<?php
session_start();

if (!$_SESSION['loggedin']) {
    // User not logged in, redirect to login page
    echo "<script language='javascript'>window.location='index.php'</script>";
}
if ($_SESSION['loggedin'] && $_SESSION['accounttype'] == 'admin') { //edited account type change to admin
?>
    <html>
        <head>
            <link rel="stylesheet" href="css/style.css" type="text/css" id="" media="print, projection, screen" />
            <script type="text/javascript" src="script/jquery-latest.js"></script>
            <script type="text/javascript" src="script/jquery.validate.js"></script>
            <script type="text/javascript">
                $(document).ready(function(){
                    $("#commentForm").validate({
                        rules: {
                            password: "required",
                            password_again: {
                                equalTo: "#password"
                            }
                        }
                    });
                });


                function confirmLogout()
                {
                    var agree=confirm("Are you sure you want to Logout?");
                    if (agree)
                        return true ;
                    else
                        return false ;
                }
                function confirmSubmit()
                {
                    var agree=confirm("Are you sure all fields entered are correct?");
                    if (agree)
                        return true ;
                    else
                        return false ;
                }
                function confirmReset()
                {
                    var agree=confirm("Are you sure you want to reset all fields?");
                    if (agree)
                        return true ;
                    else
                        return false ;
                }
                function confirmUpdate()
                {
                    var agree=confirm("Are you sure you want to update?");
                    if (agree)
                        return true ;
                    else
                        return false ;
                }

            </script>

            <title>TUP Profile Management</title>
            <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
        </head>

        <body style=" height:100%; width: 100%; background-image: url(image/wall6.jpg);">

            <div id="container" style="height:auto; width: 100%;">

                <div style="background-image: url(image/wall12.jpg); height: 110px; width: auto; ">
                </div>


                <div align="center" style="background-image: url(image/wall11.jpg);  height: 74px; width: auto;">


                    <div align="center" style=" height: 4px; width: auto;"></div>
                    <div align="center" style=" height: 22px; width: auto;">

                        <a href="UMMViewUser.php"><b>User Management</b></a>&nbsp;&nbsp;

                    </div>

                    <div align="center" style=" height: 4px; width: auto;"></div>
                    <div align="center" style=" height: 22px; width: auto;">

                        <a href="UMMAddUser.php" >Add User</a>&nbsp;

                        <a href="UMMViewUser.php">View User</a>&nbsp;

                        <a href="UMMSearchUser.php">Search User</a>&nbsp;


                    </div>

                    <div  align="left" style="padding-left: 4%; height: 18px; width: 46%;float:left;"><?php echo "<aa class=\"smallw\"><b>Welcome " . $_SESSION['fname'] . ", Last login: " . $_SESSION['lastlogin'] . "</b></aa>"; ?>
                    </div>
                    <div align="right" style="padding-right: 4%; height: 18px; width: 46%;float:left;"><bb>|</bb>
                        <a class="small" href="AdminEditProfile.php"><b>Edit Profile</b></a>
                        <bb>|</bb>
                        <a onclick="return confirmLogout()" class="small" href="Logout.php"><b>Logout</b></a>
                        <bb>|</bb></div>

                </div>


                <div align="left" style="padding-left: 4%;  float:left; width: 96%;">

                    <h2>Edit Profile</h2>

                <?php
                //10546456

                $username = $_SESSION['username'];

                if (isset($_POST['update'])) {
                    $fname = $_POST['fname'];
                    $mname = $_POST['mname'];
                    $lname = $_POST['lname'];
                    $email = $_POST['email'];
                    $password = $_POST['password'];

                    include 'DBLibrary/config.php';
                    include 'DBLibrary/openDB.php';

                    mysql_select_db($dbname);

                    $updatequery = "update user set fname='" . $fname . "', mname='" . $mname . "', lname='" . $lname . "', password='" . $password . "', email='" . $email . "' where username='" . $username . "'";
//  $query4 ="update user set birthdate='".$birthdate . "', fname='" .$fname ."', lname='". $lname."', mname='" .$mname . "', gender='". $gender . "', email='".$email."', password='".$password."', address='".$address."', telnumber='". $telnumber."', mobnumber='".$mobnumber . "' where username='".$_SESSION['username']."'";

                    $queryvalue = mysql_query($updatequery);

                    if ($queryvalue == 0) {
                        echo "<a class=\"red\">" . mysql_errno($conn) . ": " . mysql_error($conn) . "</a>\n";
                        echo "<h3 class=\"err\">Update failed</h3>";
                    } else if ($queryvalue == 1) {
                        $_SESSION['fname'] = $fname;
                        echo "<h3 class=\"err\">Profile has been updated</h3>";
                    }

                    include 'DBLibrary/closeDB.php';
                }

                include 'DBLibrary/config.php';
                include 'DBLibrary/openDB.php';

                mysql_select_db($dbname);
                $queryselectedstud = "select username, fname, password, mname, gender, lname, email, idno from user where username=\"" . $username . "\"";
                $selectedstud = mysql_query($queryselectedstud);
                $rowedit = mysql_fetch_array($selectedstud);
                ?>

                <h3>User Information</h3>
                <form onsubmit="return confirmUpdate()" class="cmxform" id="commentForm" method="post" action="AdminEditProfile.php">
                    <p>Personnel ID Number: <?php echo "<aa>" . $rowedit['idno'] . "</aa>"; ?><br>
                        <br>Password:<input type="password" id="password" name="password" minlength="8" value="<?php echo $rowedit['password']; ?>"/><br>
                        <br>Retype Password: <input type="password" id="password_again" name="password_again" minlength="8" value="<?php echo $rowedit['password']; ?>"/><br>
                        <br>First Name MI. Last Name:&nbsp;<input id="fname" type="text" name="fname" value="<?php echo $rowedit['fname']; ?>" size="14" maxlength="32" class="required" minlength="1"/>&nbsp;&nbsp;<input id="mname" type="text" name="mname" value="<?php echo $rowedit['mname']; ?>" size="1" maxlength="1" class="required" minlength="1"/>.&nbsp;&nbsp;<input id="lname" type="text" name="lname" value="<?php echo $rowedit['lname']; ?>" size="10" maxlength="32" class="required" minlength="1"/><br>
                        <br>Gender: <?php echo "<aa>" . $rowedit['gender'] . "</aa>"; ?>  <br>
                        <br>Email Address:&nbsp;<input id="email" type="text" name="email" value="<?php echo $rowedit['email']; ?>" size="32" maxlength="64" class="required email" minlength="1"/><br>
                        <br><br><input name="update" class="submit" type="submit" value="Update"/>
                    </p></form>

            </div>
        </div>

        <div id="footer" style="background-image: url(image/wall11.jpg);clear:both;text-align:center; height: 26px; width:auto;">
            <div align="center" style=" height: 4px; width: auto;"></div>
            <bb class ="small">Copyright &#169; 2011</bb>
        </div>

    </body>
</html>
<?php
            } else if ($_SESSION['loggedin'] && $_SESSION['accounttype'] == 'registrar') {
                echo "<script language='javascript'>window.location='SMMViewStud.php'</script>";
            } else if ($_SESSION['loggedin'] && $_SESSION['accounttype'] == 'professor') {
                echo "<script language='javascript'>window.location='AMMSelectSection.php'</script>";
            }
?>